using SS;
using System;
using System.Data;
using System.Data.SqlClient;
using System.Windows.Forms;
namespace SM.core
{
	internal class Account
	{
		private Func objFunc = new Func();
		public Account()
		{
			Program.strConnectionString = this.objFunc.strConnectionString;
		}
		public int action(string UserName, string FullName, string Pass, int Status, string GroupUser)
		{
			int result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				SqlCommand sqlCommand = new SqlCommand("ActionOnTabUser", sqlConnection);
				sqlCommand.CommandType = CommandType.StoredProcedure;
				sqlCommand.Parameters.Add("UserName", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("FullName", SqlDbType.NVarChar, 300);
				sqlCommand.Parameters.Add("Pass", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("Status", SqlDbType.SmallInt);
				sqlCommand.Parameters.Add("Group", SqlDbType.VarChar, 50);
				sqlCommand.Parameters["UserName"].Value = UserName;
				sqlCommand.Parameters["FullName"].Value = FullName;
				sqlCommand.Parameters["Pass"].Value = this.objFunc.CryptographyMD5(Pass);
				sqlCommand.Parameters["Status"].Value = Status;
				sqlCommand.Parameters["Group"].Value = GroupUser;
				sqlCommand.ExecuteNonQuery();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = 0;
			}
			catch
			{
				result = 1;
			}
			return result;
		}
		public int action11(string oldUserName, string UserName, string FullName, string Pass, int Status, string GroupUser, string WareHouseID)
		{
			int result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				SqlCommand sqlCommand = new SqlCommand("ActionOnTabUser", sqlConnection);
				sqlCommand.CommandType = CommandType.StoredProcedure;
				sqlCommand.Parameters.Add("UserName", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("FullName", SqlDbType.NVarChar, 300);
				sqlCommand.Parameters.Add("Pass", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("Status", SqlDbType.SmallInt);
				sqlCommand.Parameters.Add("Group", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("WareHouseID", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("NoChangePass", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("oldUserName", SqlDbType.VarChar, 50);
				sqlCommand.Parameters["UserName"].Value = UserName;
				sqlCommand.Parameters["FullName"].Value = FullName;
				sqlCommand.Parameters["Pass"].Value = this.objFunc.CryptographyMD5(Pass);
				sqlCommand.Parameters["Status"].Value = Status;
				sqlCommand.Parameters["Group"].Value = GroupUser;
				sqlCommand.Parameters["WareHouseID"].Value = WareHouseID;
				sqlCommand.Parameters["NoChangePass"].Value = 1;
				sqlCommand.Parameters["oldUserName"].Value = oldUserName;
				sqlCommand.ExecuteNonQuery();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = 0;
			}
			catch
			{
				result = 1;
			}
			return result;
		}
		public bool CheckName(string tempName, string tempUserName)
		{
			bool result = false;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			SqlCommand sqlCommand = new SqlCommand();
			sqlCommand.Connection = sqlConnection;
			sqlCommand.CommandText = string.Concat(new string[]
			{
				"SELECT TOP 1 UserName FROM [TabUser] WHERE [FullName] = '",
				tempName,
				"' AND [UserName] <> '",
				tempName,
				"' "
			});
			sqlConnection.Open();
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			if (sqlDataReader.HasRows)
			{
				result = true;
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public bool CheckStatus(string userName)
		{
			bool result = false;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			SqlCommand sqlCommand = new SqlCommand();
			sqlCommand.Connection = sqlConnection;
			sqlCommand.CommandText = "SELECT [Status] FROM [TabUser] WHERE [UserName] = '" + userName + "'";
			sqlConnection.Open();
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				result = (sqlDataReader["Status"].ToString() == "1");
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public int action_Emp(string UserName, string FullName, string Address, string Phone, string Mobile, string Email, string Pass)
		{
			int result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				SqlCommand sqlCommand = new SqlCommand("ActionOnTabEmp", sqlConnection);
				sqlCommand.CommandType = CommandType.StoredProcedure;
				sqlCommand.Parameters.Add("UserName", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("FullName", SqlDbType.NVarChar, 250);
				sqlCommand.Parameters.Add("Address", SqlDbType.NVarChar, 500);
				sqlCommand.Parameters.Add("Phone", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("Mobile", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("Email", SqlDbType.VarChar, 50);
				sqlCommand.Parameters.Add("Pass", SqlDbType.VarChar, 500);
				sqlCommand.Parameters["UserName"].Value = UserName;
				sqlCommand.Parameters["FullName"].Value = FullName;
				sqlCommand.Parameters["Address"].Value = Address;
				sqlCommand.Parameters["Phone"].Value = Phone;
				sqlCommand.Parameters["Mobile"].Value = Mobile;
				sqlCommand.Parameters["Email"].Value = Email;
				sqlCommand.Parameters["Pass"].Value = Pass;
				sqlCommand.ExecuteNonQuery();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = 0;
			}
			catch
			{
				result = 1;
			}
			return result;
		}
		public void loadToListView(ListView lv)
		{
			lv.Items.Clear();
			int num = 0;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = "SELECT [UserName], [FullName], [Status], [WareHouseID] FROM [TabUser] ORDER BY [UserName]";
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				lv.Items.Add((num + 1).ToString());
				lv.Items[num].UseItemStyleForSubItems = false;
				lv.Items[num].SubItems.Add(sqlDataReader["UserName"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["FullName"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["Status"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["WareHouseID"].ToString());
				num++;
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public bool checkPerExtention(string userName, string ExtPermission)
		{
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = string.Concat(new string[]
			{
				"SELECT * FROM [TabUserExtPermission] WHERE Account = '",
				userName,
				"' AND ExtPermission = '",
				ExtPermission,
				"'"
			});
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			bool result = sqlDataReader.HasRows;
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public void getPerExtention(DataGridView dgv)
		{
			dgv.DataSource = null;
			dgv.AutoGenerateColumns = false;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = "SELECT CONVERT(bit,0) AS TMP, [ID], [Description] FROM [TabPerExtention]";
			SqlCommand selectCommand = new SqlCommand(cmdText, sqlConnection);
			SqlDataAdapter sqlDataAdapter = new SqlDataAdapter();
			sqlDataAdapter.SelectCommand = selectCommand;
			DataSet dataSet = new DataSet();
			sqlDataAdapter.Fill(dataSet);
			dgv.DataSource = dataSet.Tables[0];
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public void delExtPermission(string userName)
		{
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = "DELETE TabUserExtPermission WHERE [Account] = '" + userName + "'";
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			sqlCommand.ExecuteNonQuery();
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public void setExtPermission(string userName, string ExtPermission)
		{
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = string.Concat(new string[]
			{
				"INSERT INTO TabUserExtPermission(Account,ExtPermission) VALUES('",
				userName,
				"','",
				ExtPermission,
				"')"
			});
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			sqlCommand.ExecuteNonQuery();
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public void loadToListView_Emp(ListView lv)
		{
			lv.Items.Clear();
			int num = 0;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = "SELECT * FROM [TabUser] WHERE [UserName]<>'admin' ORDER BY [FullName]";
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				lv.Items.Add((num + 1).ToString());
				lv.Items[num].UseItemStyleForSubItems = false;
				lv.Items[num].SubItems.Add(sqlDataReader["UserName"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["FullName"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["Address"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["Phone"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["Mobile"].ToString());
				lv.Items[num].SubItems.Add(sqlDataReader["Email"].ToString());
				num++;
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public string CheckEmpExitstInOutBill(string tmpAutoID)
		{
			string result = "";
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			try
			{
				SqlCommand sqlCommand = sqlConnection.CreateCommand();
				sqlCommand.CommandText = "SELECT [ID] FROM [TabInOutBill] WHERE [userName]='" + tmpAutoID + "'";
				SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
				if (sqlDataReader.HasRows)
				{
					result = "1";
				}
				sqlDataReader.Close();
				sqlDataReader.Dispose();
			}
			catch
			{
			}
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public string CheckEmpExitstInBill(string tmpAutoID)
		{
			string result = "";
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			try
			{
				SqlCommand sqlCommand = sqlConnection.CreateCommand();
				sqlCommand.CommandText = "SELECT [ID] FROM [TabBill] WHERE [userName]='" + tmpAutoID + "'";
				SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
				if (sqlDataReader.HasRows)
				{
					result = "1";
				}
				sqlDataReader.Close();
				sqlDataReader.Dispose();
			}
			catch
			{
			}
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public int delItem(string UserName)
		{
			int result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				string cmdText = "DELETE [TabUser] WHERE [UserName] = '" + UserName + "'";
				SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
				sqlCommand.ExecuteNonQuery();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = 0;
			}
			catch
			{
				result = 1;
			}
			return result;
		}
		public void checkGroup(string userName, ListView lv)
		{
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			SqlCommand sqlCommand = sqlConnection.CreateCommand();
			sqlCommand.CommandText = "SELECT [Group] AS G FROM [TabUser] WHERE [UserName] = '" + userName + "'";
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				string text = sqlDataReader["G"].ToString();
				for (int i = 0; i < lv.Items.Count; i++)
				{
					lv.Items[i].Checked = false;
				}
				for (int i = 0; i < lv.Items.Count; i++)
				{
					if (text.Contains("\"" + lv.Items[i].SubItems[0].Text + "\""))
					{
						lv.Items[i].Checked = true;
					}
				}
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
		}
		public string checkDoctorAcc(string userName)
		{
			string result = "-:-";
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			SqlCommand sqlCommand = sqlConnection.CreateCommand();
			sqlCommand.CommandText = "SELECT * FROM [TabDoctor] WHERE [Acc] = '" + userName + "'";
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				result = sqlDataReader["ID"].ToString();
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public bool checkPass(string UserName, string passWord)
		{
			bool result;
			try
			{
				bool flag = false;
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				string cmdText = string.Concat(new string[]
				{
					"SELECT UserName FROM [TabUser] WHERE [UserName] = '",
					UserName,
					"' AND [Pass] = '",
					this.objFunc.CryptographyMD5(passWord),
					"'"
				});
				SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
				SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
				if (sqlDataReader.HasRows)
				{
					flag = true;
				}
				sqlDataReader.Close();
				sqlDataReader.Dispose();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = flag;
			}
			catch
			{
				result = false;
			}
			return result;
		}
		public bool checkUser(string UserName)
		{
			bool result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				string cmdText = "SELECT UserName FROM [TabUser] WHERE [UserName] = '" + UserName + "'";
				SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
				SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
				if (sqlDataReader.HasRows)
				{
				}
				sqlDataReader.Close();
				sqlDataReader.Dispose();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = false;
			}
			catch
			{
				result = false;
			}
			return result;
		}
		public bool updatePass(string UserName, string passWord)
		{
			bool result;
			try
			{
				SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
				sqlConnection.Open();
				string cmdText = string.Concat(new string[]
				{
					"UPDATE [TabUser] SET [Pass] = '",
					this.objFunc.CryptographyMD5(passWord),
					"' WHERE [UserName] = '",
					UserName,
					"'"
				});
				SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
				sqlCommand.ExecuteNonQuery();
				sqlConnection.Close();
				sqlConnection.Dispose();
				result = true;
			}
			catch
			{
				result = false;
			}
			return result;
		}
		public string getWarehouse(string UserName)
		{
			string result = "";
			SqlConnection sqlConnection = new SqlConnection(this.objFunc.strConnectionString);
			sqlConnection.Open();
			SqlCommand sqlCommand = sqlConnection.CreateCommand();
			sqlCommand.CommandText = "SELECT [WareHouseID] FROM [TabUser] WHERE [UserName] = '" + UserName + "'";
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read())
			{
				result = sqlDataReader["WareHouseID"].ToString();
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
			return result;
		}
		public bool checkInSession(string Acc)
		{
			bool flag = false;
			SqlConnection sqlConnection = new SqlConnection(Program.strConnectionString);
			sqlConnection.Open();
			string cmdText = "SELECT [Acc] FROM [TabAccOnline] WHERE [Acc] = '" + Acc + "'";
			SqlCommand sqlCommand = new SqlCommand(cmdText, sqlConnection);
			SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
			while (sqlDataReader.Read() && !flag)
			{
				flag = true;
			}
			sqlDataReader.Close();
			sqlDataReader.Dispose();
			sqlConnection.Close();
			sqlConnection.Dispose();
			return flag;
		}
	}
}
